Are conventional cybersecurity tactics
leading you to defeat?
Dan Ballmer, Sr. Transformation Analyst
Today’s organizations are fighting cyberattacks using strategies that
have historically failed in a combat environment. While there are many differences between conventional warfare and cybersecurity, there are also enlightening similarities. One example is the concept of
asymmetrical warfare.
Organizations spend money on a vast array of tools, infrastructure, and security services to fortify themselves against attacks. Larger ones have
a security operations center (SOC), staffed by trained professionals who perform ‘round-the-clock monitoring of the environment. Similar to a standing army, businesses have formidable cyber “weapons,” they
remain on high alert, and operate according to extensively
documented procedures.
Now, let’s look at the capabilities of their opponents, who have neither the numbers nor the means to “fight fair” against fortified organizations.